Hi, in dnssec-signzone.c, this code appears:
> filenamelen = strlen(prefix) + strlen(namestr); > if (dsdir != NULL) > filenamelen += strlen(dsdir) + 1; > filename = isc_mem_get(mctx, filenamelen + 1); > if (filename == NULL) > fatal("out of memory"); > if (dsdir != NULL) > sprintf(filename, "%s/", dsdir); The last line, "sprintf(filename, "%s/", dsdir);". Since "/" is also added to the buffer, doesn't that mean the buffer will be overflowed by one byte if the dsdir is full? Thanks, -- -- Joshua Rogers <https://internot.info/>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users